Cyber Secure Software Developer (CSSD) (Exam CSD-110)

Overview

AI, Data Science & Cloud Certificates from Google, IBM & Meta — 50% Off

One plan covers every Professional Certificate on Coursera. 50% off Coursera Plus Annual for 10 days only — price increases June 17.

Unlock All Certificates

The stakes for software security are high, and yet many development teams overlook it until it's too late—if they address it at all. To ensure successful implementation, it is crucial for developers to manage security and privacy issues throughout the entire software development lifecycle, rather than addressing them only after coding or during delivery preparation. This course presents an approach for dealing with security throughout all phases of the software development lifecycle. You will identify the fundamentals of security, including the vulnerabilities and attacks that compromise it. You will also employ general strategies for addressing security risks to your software projects, as well as specific tactics for identifying and remediating those risks. Ultimately, you will acquire the skills it takes to secure all facets of a software project, beyond just the code itself. This course is designed for any business professional involved in the software development process who desires or is required to develop highly secure software for organizational use. Candidates may be programmers, testers, architects, or any other personnel whose daily job duties involve directly building software; or, they may be project leaders, software engineers, and DevOps personnel who perform additional technical and non-technical duties as part of the overall software development lifecycle. This course is also designed to assist candidates in preparing for the CertNexus Cyber Secure Software Developer™ (CSSD) Exam CSD-110 certification. In this course, you will: identify fundamental security concerns in software development, leverage the secure software development lifecycle (SSDLC), define secure software requirements, design software for security, implement security protections in software, test software security, maintain security in deployed software, and prepare to defend against cyber attacks. This course requires that you use the provided virtual machine, which includes various security tools and application environments. The course setup instructions provided in the first module of the course go into more detail about the hardware and software requirements.

Syllabus

Identifying Fundamental Security Concerns in Software Development

As a software developer, your job can be complex and demanding. You must satisfy customers, meet business requirements and deadlines, and work cooperatively with other people on a project—all while handling the complex technical challenges of rapidly evolving development tools, programming languages, frameworks, and application programming interfaces (APIs). The complex interactions among all of the components involved in a project can be difficult to manage at times.

Leveraging the Secure Software Development Lifecycle

Software security is not a set of individual tasks isolated from other organizational concerns. Instead, it is a repeatable process with several stages, much in the same way that software development itself follows a lifecycle. In this lesson, you'll follow and apply the stages of this lifecycle with a focus on security, ensuring your software projects are protected at a high level.

Defining Secure Software Requirements

You've implemented different processes in the secure software development lifecycle (SSDLC), now it's time to go into depth for each phase of the lifecycle. As you know, the first phase is requirements definition and analysis. In this lesson, you'll explore some of the major sources of requirements and how best to define those requirements so that they meet your security needs.

Designing for Security

The process you use to design your software should reflect what is important to you, your customers, and other project stakeholders. Following this rationale, if software security is important to you, it should be an important part of your design processes. In this lesson, you'll move on to the second phase of the secure software development lifecycle (SSDLC) to incorporate security into the design of software.

Implementing Security Protections

You've outlined security requirements and designed your software around security. The next phase of the secure software development lifecycle (SSDLC) is development, where you actually implement security protections through code. And, as part of a DevOps approach, you'll also implement protections that support your code and your software's runtime environments.

Testing Software Security

As you design and implement software throughout the entire software development lifecycle, you need to test it to ensure it will lead to a high-quality finished product that is secure and protects both users and the organization. There are various approaches to testing, several of which you'll employ in this lesson.

Maintaining Security in Deployed Software

You've designed, developed, and tested your software. Now you must make sure it remains secure when deployed to production. And, you must ensure that security extends over time, performing fixes as needed. In this lesson, you'll engage with the final two phases of the secure software development lifecycle (SSDLC).

Preparing to Defend Against Cybersecurity Attacks

As a software developer, you may not think of yourself as being on the frontlines of cybersecurity within an organization. After all, there are security practitioners whose job it is to be vigilant against active attacks. Even though you may not implement cybersecurity defenses yourself, you must still be aware of them and why they're necessary to ensure the security of the entire organization—software included. This is crucial in supporting a truly effective DevSecOps approach.